cjoint

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2015.7.12.88 Por Nicolas Coolman (2015/07/12)
~ iniciado por euclides (Administrator) (2015/07/12 16:31:11)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versão: Version OK
~ Modo: Scanner
~ Relatório: C:\Users\euclides\Desktop\ZHPDiag.txt
~ Relatório: C:\Users\euclides\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Inicialização do sistema: Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)

---\\ Navegadores Internet (2) - 0s
MFIE: Mozilla Firefox 38.0.5 (x86 pt-BR) v38.0.5
MSIE: Internet Explorer v11.0.9600.17843

---\\ Informações sobre os produtos Windows (3) - 2s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema (2) - 1s
Avast Free Antivirus v10.2.2218
Malwarebytes Anti-Malware versão 2.1.6.1022

---\\ Softwares d'optimização do sistema (1) - 1s
CCleaner v4.13

---\\ Monitoramento dos softwares (2) - 1s
Adobe Flash Player 18 NPAPI
Adobe Reader XI

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: x86 Family 6 Model 23 Stepping 7, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 3144184
~ System Restore: Activé (Enable)
~ System drive C: has 45 GB free of 152 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: EUCLIDES-PC
~ User Name: euclides
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (1) - 6s
~ Drive C: has 45 GB free of 152 GB (System)

---\\ Pesquisa particular de ficheiros genéricos (23) - 0s
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) () -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\Windows\System32\wininet.dll [1950720]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) () -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\Windows\System32\drivers\volsnap.sys [245632]

---\\ Processos lançados (16) - 2s
[MD5.BA904003C01EF8845BF9C53C86C3EEF8] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\gbpsv.exe [565560] [PID.824]
[MD5.B19505648F033393E907E2E419FDE8B3] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [176128] [PID.984]
[MD5.378F5EB676C0BD7EAAAFA7AD5BA44B16] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [348160] [PID.1388]
[MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336] [PID.1536]
[MD5.066C6CCCF670D9BBCAECC781FB8D7EB9] - (.arvato digital services llc - PsiService PsiService.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360] [PID.2104]
[MD5.96EFEC24346A8EB1157E80523079ADDC] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.2132]
[MD5.65C6AA484AD2287D20541C7735989437] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496] [PID.2488]
[MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688] [PID.3064]
[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688] [PID.3104]
[MD5.758B320E709CBF1D0C34A18390EEE6E8] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056] [PID.3232]
[MD5.363B76E94C65E235C2D6F676B49829E5] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\System32\vmnat.exe [437328] [PID.3324]
[MD5.ED6BB091F7DCE95FEE74FE328DCB5053] - (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Program Files\Diebold\Warsaw\core.exe [507704] [PID.3396]
[MD5.549CD7035F5CF5CEE4DE11539C9715F4] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [86096] [PID.3612]
[MD5.9C9D86BEDE5D4A357FD7924F2CB02791] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\System32\vmnetdhcp.exe [358480] [PID.3736]
[MD5.1AB215F2178DBA5B4423584D1CF6AB5C] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [721464] [PID.3768]
[MD5.E5CA07C1A5A4C7095FC8937D84B37243] - (.Avast Software - AvastVirtualBox Interface.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800] [PID.3436]

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3) (22) - 2s
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\buscape.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\mercadolivre.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-br.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-br.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia.) -- C:\Users\euclides\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia.) -- C:\Users\euclides\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_18_0_0_203.dll
P2 - FPN: [HKLM] [@google.com/sewebplugin] - (.(c) CloudShare Ltd. All rights reserved..) -- C:\Windows\System32\npsewebplugin.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.25.2] - (.Oracle Corporation.) -- C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.25.2] - (.Oracle Corporation.) -- C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=16.0.3.51] - (.RealNetworks, Inc..) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprndlchromebrowserrecordext;version=1.3.3] - (.RealNetworks, Inc..) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
P2 - FPN: [HKLM] [@real.com/nprndlhtml5videoshim;version=1.3.3] - (.RealNetworks, Inc..) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprndlpepperflashvideoshim;version=1.3.3] - (.RealNetworks, Inc..) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpplugin;version=16.0.3.51] - (.RealPlayer.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
P2 - FPN: [HKLM] [@realnetworks.com/npdlplugin;version=1] - (.RealDownloader.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
P2 - FPN: [HKLM] [@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5] - (.RocketLife, LLP.) -- C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll

---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4) (9) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Gestão do Proxy (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Redireção do ficheiro Hosts (O1) (1) - 1s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Objects do navegador (O2) (1) - 0s
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehcef.dll

---\\ Aplicações iniciadas por registo & pastas (O4) (9) - 0s
O4 - HKLM\..\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [RzWizard] . (.Razer Inc. - Razer Wizard.) -- C:\Program Files\Razer\RzWizard\RzWizard.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O4 - HKCU\..\Run: [AdobeBridge] (Orphean)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3371435840-2224733889-2950291488-1001\..\Run: [AdobeBridge] (Orphean)

---\\ Alteração Dominio/Clientes DNS (017) (9) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.6.2.124 201.6.2.224
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = spo.virtua.com.br
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 201.6.2.124 201.6.2.224
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = spo.virtua.com.br
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 201.6.2.124 201.6.2.224
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpDomain = spo.virtua.com.br

---\\ Lista dos serviços NT não Microsoft e não desativados (023) (20) - 2s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) . (.arvato digital services llc - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Razer Wizard Service (RzWizardService) . (.Razer Inc. - RzWizardService.) - C:\Program Files\Razer\RzWizard\RzWizardService.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\System32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\System32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: Warsaw Technology (Warsaw Technology) . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) - C:\Program Files\Diebold\Warsaw\core.exe

---\\ Tarefas planificadas automaticamente (039) (28) - 3s
[MD5.70685AC6E02E9C2DFB88D4851954F5B4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998088]
[MD5.B8F7DF2DD3AA8A5AA865162F011636AD] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [268976]
[MD5.FAAE091936E04BDE3B6041AB5C16BC7B] [APT] [avast! Emergency Update] (.Avast Software s.r.o..) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1298776]
[MD5.03E07421C99D99D2DB8F4E5CCB890B23] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4524312]
[MD5.972660FF98FF27754D7401B792E7C105] [APT] [HP Photo Creations Communicator] (...) -- C:\ProgramData\HP Photo Creations\Communicator.exe [186120]
[MD5.6D51713A36C0733A4BDD94EAD5A33AD9] [APT] [HPCustParticipation HP Deskjet 3510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2938984]
[MD5.DDBE89226D55D694F1B7B3DD0C324640] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-3371435840-2224733889-2950291488-1001] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [233048]
[MD5.675DE4EC2D88A6D68C39C662A3204596] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-3371435840-2224733889-2950291488-1001] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [187984]
[MD5.675DE4EC2D88A6D68C39C662A3204596] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3371435840-2224733889-2950291488-1001] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-3371435840-2224733889-2950291488-1001] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [187984]
[MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-3371435840-2224733889-2950291488-1001] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [187984]
[MD5.00000000000000000000000000000000] [APT] [Trojan Killer] (.RealNetworks, Inc..) -- C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: HP Photo Creations Communicator - (..) -- C:\Windows\Tasks\HP Photo Creations Communicator.job [344]
O39 - APT: avast! Emergency Update - (.Avast Software s.r.o..) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182]
O39 - APT: RealDownloaderDownloaderScheduledTaskS-1-5-21-3371435840-2224733889-2950291488-1001 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3371435840-2224733889-2950291488-1001 [3382]
O39 - APT: RealDownloaderRealUpgradeLogonTaskS-1-5-21-3371435840-2224733889-2950291488-1001 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3371435840-2224733889-2950291488-1001 [3234]
O39 - APT: RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3371435840-2224733889-2950291488-1001 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3371435840-2224733889-2950291488-1001 [3362]
O39 - APT: RealPlayerRealUpgradeLogonTaskS-1-5-21-3371435840-2224733889-2950291488-1001 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3371435840-2224733889-2950291488-1001 [3212]
O39 - APT: RealPlayerRealUpgradeScheduledTaskS-1-5-21-3371435840-2224733889-2950291488-1001 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3371435840-2224733889-2950291488-1001 [3340]
O39 - APT: Trojan Killer - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\Trojan Killer [3258]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{44946C84-8874-427E-B289-EC7ACE84F48F} [3154]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{56133281-7095-4631-8AAE-89E73E2DD31C} [3312]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{7FBE14FA-9180-48FE-985E-787B4AFCCCB3} [3168]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{9689EE7B-6E4B-4A79-8736-60DD7B9B6881} [3156]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{BDAC1575-0952-4AE8-9F53-867F8133E250} [3044]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{C9E3C8AE-0808-4CB1-B65F-07D0A2396021} [3376]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{CC128549-C7CA-43B8-B81C-73AA4ACDC81D} [3066]

---\\ Software instalados (042) (106) - 17s
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Creative Cloud
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: AIDA64 Extreme v5.00 - (.FinalWire Ltd..) [HKLM] -- AIDA64 Extreme_is1
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- Avast
O42 - Logiciel: Foxit Advanced PDF Editor 3 - (.Foxit Corporation.) [HKLM] -- B521582C-6BE3-491D-BCC8-FFB8301298E9_is1
O42 - Logiciel: Blender (remove only) - (...) [HKLM] -- Blender
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: GeoVision H264 - (...) [HKLM] -- Codec_264
O42 - Logiciel: GeoVision MPEG4 ASP - (...) [HKLM] -- Codec_amp4
O42 - Logiciel: GeoVision MPEG4 AVC - (...) [HKLM] -- Codec_AVC
O42 - Logiciel: GeoVision JPEG - (...) [HKLM] -- Codec_jpeg
O42 - Logiciel: GeoVision MPEG2 - (...) [HKLM] -- Codec_mp2
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM] -- DAEMON Tools Lite
O42 - Logiciel: Driver Magician 4.5 - (.GoldSolution Software, Inc..) [HKLM] -- Driver Magician_is1
O42 - Logiciel: EAGLE 7.2.0 - (.CadSoft Computer GmbH.) [HKLM] -- EAGLE 7.2.0
O42 - Logiciel: EVEREST Ultimate Edition v4.60 - (.Lavalys, Inc..) [HKLM] -- EVEREST Ultimate Edition_is1
O42 - Logiciel: FormatFactory 3.6.0.0 - (.Format Factory.) [HKLM] -- FormatFactory
O42 - Logiciel: GeoVision ADPCM - (...) [HKLM] -- GeoADPCM
O42 - Logiciel: GeoVision GV-250 System - (...) [HKLM] -- GeoVision GV-250 System
O42 - Logiciel: GeoVision MPEG4 - (...) [HKLM] -- GEOXCodec
O42 - Logiciel: GPS - (...) [HKLM] -- GPS
O42 - Logiciel: HD Tune Pro 5.60 - (.EFD Software.) [HKLM] -- HD Tune Pro_is1
O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM] -- HP Photo Creations
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: IsoBuster 3.5 - (.Smart Projects.) [HKLM] -- IsoBuster_is1
O42 - Logiciel: Malwarebytes Anti-Malware versão 2.1.6.1022 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 pt-BR) - (.Mozilla.) [HKLM] -- Mozilla Firefox 38.0.5 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 16.0
O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: RMPrepUSB - (...) [HKLM] -- RMPrepUSB
O42 - Logiciel: Samsung i-Launcher 1.0.1.57 - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung i-Launcher
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM] -- TeamViewer
O42 - Logiciel: VeryPDF PDF2Word v2.0 - (.VeryPDF.com Inc.) [HKLM] -- VeryPDF PDF2Word v2.0_is1
O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM] -- VMware_Workstation
O42 - Logiciel: WinPDFEditor V2.3 - (.http://www.WinPDFEditor.com.) [HKLM] -- WinPDFEditor_is1
O42 - Logiciel: WinRAR 5.11 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- _{B865FDD4-E96E-4166-BB69-6E8C207E3E29}
O42 - Logiciel: CorelDRAW Graphics Suite X7 - (.Corel Corporation.) [HKLM] -- _{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}
O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249}
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM] -- {0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}
O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}
O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM] -- {197597A7-AD33-4898-9D8E-73066818B464}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: web control version 3.0.2.3 - (...) [HKLM] -- {20779EFD-5A24-45F7-A133-132975478C4E}_is1
O42 - Logiciel: Warsaw 1.5.1.8886 32 bits - (.GAS Tecnologia.) [HKLM] -- {20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1
O42 - Logiciel: CorelDRAW Graphics Suite X7 - Writing Tools - (. Corel Corporation.) [HKLM] -- {246FE426-2661-4DD6-9603-DF2E6832387C}
O42 - Logiciel: Java 7 Update 60 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217060FF}
O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0}
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM] -- {293C9DF5-7669-4826-BBB2-E1F182D71046}
O42 - Logiciel: Rivo - (.Avery Dennison.) [HKLM] -- {2C0D5586-B96C-404F-96D7-91BE2A304853}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM] -- {3889988F-762B-4B85-AB17-71C9CC3AE445}
O42 - Logiciel: HP FWUpdateEDO2 - (.Hewlett-Packard.) [HKLM] -- {415FA9AD-DA10-4ABE-97B6-5051D4795C90}
O42 - Logiciel: Aidfile recovery software professional version 3.6.2.2 - (.Mitusoft, Inc..) [HKLM] -- {456B239A-C1E0-4178-810E-8E8F09B06877}_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Python 2.6.6 - (.Python Software Foundation.) [HKLM] -- {6151cf20-0bd8-4023-a4a0-6a86dcfe58e5}
O42 - Logiciel: CorelDRAW Graphics Suite X7 - IPM Content - (.Corel Corporation.) [HKLM] -- {657EAD32-8E7A-43C0-A794-3BB31B00DC34}
O42 - Logiciel: HP Deskjet 3510 series Software básico do dispositivo - (.Hewlett-Packard Co..) [HKLM] -- {69969D5E-20DA-47FF-B657-E5D152672AB5}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}
O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Wondershare PDF Editor(Build 3.9.2) - (.Wondershare Software Co.,Ltd..) [HKLM] -- {75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}
O42 - Logiciel: PCStitch 10 - (.M&R Technologies, Inc..) [HKLM] -- {7D389358-56D0-4988-BAAC-5ACE907CCEBD}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {817750FA-EC6A-485D-9901-0683AE6FFDF1}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: AirPlus G DWL-G510 - (.D-Link.) [HKLM] -- {8B128562-681D-4FFA-BEBF-A825985B2CB9}
O42 - Logiciel: Win7codecs - (.Shark007.) [HKLM] -- {8C0CAA7A-3272-4991-A808-2C7559DE3409}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Pacote de Compatibilidade para o sistema Office 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0416-0000-0000000FF1CE}
O42 - Logiciel: HP Deskjet 3510 series Ajuda - (.Hewlett Packard.) [HKLM] -- {949C49A5-91B7-40D2-AF9A-15681454074A}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Deskjet 3510 series Estudo de aprimoramento de produtos - (.Hewlett-Packard Co..) [HKLM] -- {A9BBAC7C-D3FD-4DA6-8A9C-0151A3E50363}
O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824144531}
O42 - Logiciel: Adobe Reader XI (11.0.11) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}
O42 - Logiciel: @BIOS - (.GIGABYTE.) [HKLM] -- {B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}
O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- {B865FDD4-E96E-4166-BB69-6E8C207E3E29}
O42 - Logiciel: GeoVision IPCam Installer - (...) [HKLM] -- {C0F6F054-251A-4CA6-AA1E-BE41E2732C70}
O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM] -- {C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM] -- {CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM] -- {D102611A-6466-4101-A51D-51069303AC65}
O42 - Logiciel: CorelDRAW Graphics Suite X7 - IPM T - (.Corel Corporation.) [HKLM] -- {D29A4F85-0FB7-4E54-B591-044652C4295F}
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM] -- {FFD9383C-01D5-4897-A954-43AF599AED30}
O42 - Logiciel: MyFreeCodec - (...) [HKCU] -- MyFreeCodec
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU] -- OneDriveSetup.exe
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent

---\\ HKCU & HKLM Software Keys (154) - 17s
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\Ahead
HKLM\SOFTWARE\Alcohol Soft
HKLM\SOFTWARE\Alpha Networks
HKLM\SOFTWARE\AMD
HKLM\SOFTWARE\ANI
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\Audible
HKLM\SOFTWARE\Autodesk
HKLM\SOFTWARE\AutoHelpDesk
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\AviSynth
HKLM\SOFTWARE\Baidu Security
HKLM\SOFTWARE\Bitstream
HKLM\SOFTWARE\BlenderFoundation
HKLM\SOFTWARE\CadSoft
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\Corel
HKLM\SOFTWARE\CXT
HKLM\SOFTWARE\D-Link
HKLM\SOFTWARE\Debug
HKLM\SOFTWARE\Disc Soft
HKLM\SOFTWARE\DRWNewFree
HKLM\SOFTWARE\DT Soft
HKLM\SOFTWARE\EASEUS
HKLM\SOFTWARE\Foxit Software
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\GeoVision
HKLM\SOFTWARE\GIGABYTE
HKLM\SOFTWARE\GNU
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\Hewlett-Packard
HKLM\SOFTWARE\HP
HKLM\SOFTWARE\Icaros
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\IObit
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\M&R Technologies, Inc.
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\MicroQuill
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\MT Solution
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\NSIS_RMPrepUSB
HKLM\SOFTWARE\NtIObits
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Protexis
HKLM\SOFTWARE\Python
HKLM\SOFTWARE\RealNetworks
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Rivo
HKLM\SOFTWARE\RocketLife
HKLM\SOFTWARE\RTS
HKLM\SOFTWARE\SAMSUNG
HKLM\SOFTWARE\Smart Projects
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Symantec
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\ThinPrint
HKLM\SOFTWARE\Tracker Software
HKLM\SOFTWARE\Visan
HKLM\SOFTWARE\VMware, Inc.
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\Winbond
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wondershare
HKLM\SOFTWARE\Xing Technology Corp.
HKCU\SOFTWARE\AC3filter
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\Aidfile recovery professional
HKCU\SOFTWARE\AirNav Systems
HKCU\SOFTWARE\Akeo Consulting
HKCU\SOFTWARE\Alcohol Soft
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Auslogics
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\Baixaki
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Convar
HKCU\SOFTWARE\Corel
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DivX
HKCU\SOFTWARE\Driver Magician
HKCU\SOFTWARE\EFD Software
HKCU\SOFTWARE\Emulators
HKCU\SOFTWARE\EyePlayer
HKCU\SOFTWARE\Filefacts
HKCU\SOFTWARE\FinalWire
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GbAs
HKCU\SOFTWARE\GbPlugin
HKCU\SOFTWARE\GeoVision
HKCU\SOFTWARE\giveawayoftheday.com
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\HP Photo Creations
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\LAV
HKCU\SOFTWARE\Lavalys
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\M&R Technologies
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\madFlac
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-BE
HKCU\SOFTWARE\MyLabel
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\PDFEdit
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\Smart Projects
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\Tracker Software
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Visan
HKCU\SOFTWARE\VMware, Inc.
HKCU\SOFTWARE\VSRevoGroup
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\MarkAny
HKCU\SOFTWARE\AppDataLow\Software\RealNetworks
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43) (290) - 12s
O43 - CFD: 2014/12/23 07:16:25 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2014/05/15 15:49:34 - [] D -- C:\Program Files\Adobe Media Player
O43 - CFD: 2015/06/13 09:58:24 - [] D -- C:\Program Files\Aidfile recovery Professional
O43 - CFD: 2015/02/24 12:36:13 - [] D -- C:\Program Files\ajt
O43 - CFD: 2014/05/15 08:38:28 - [] D -- C:\Program Files\Alcohol Soft
O43 - CFD: 2015/02/08 18:01:33 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 2014/05/13 10:16:56 - [] D -- C:\Program Files\Arquivos Comuns
O43 - CFD: 2014/05/13 13:01:16 - [] D -- C:\Program Files\AVAST Software
O43 - CFD: 2014/05/14 15:13:02 - [] D -- C:\Program Files\Blender Foundation
O43 - CFD: 2015/02/08 18:00:52 - [] D -- C:\Program Files\Bonjour
O43 - CFD: 2014/05/13 13:24:56 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2015/07/12 11:33:50 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2015/05/29 08:46:29 - [] D -- C:\Program Files\Convar
O43 - CFD: 2015/01/14 09:38:22 - [] D -- C:\Program Files\Corel
O43 - CFD: 2015/06/22 14:20:57 - [] D -- C:\Program Files\D-Link
O43 - CFD: 2014/05/13 13:32:12 - [] D -- C:\Program Files\DAEMON Tools Lite
O43 - CFD: 2015/04/01 07:54:40 - [] D -- C:\Program Files\Diebold
O43 - CFD: 2015/02/27 11:42:42 - [] D -- C:\Program Files\Driver Magician
O43 - CFD: 2011/02/05 15:02:02 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 2015/01/30 09:44:55 - [] D -- C:\Program Files\FinalWire
O43 - CFD: 2015/07/01 20:16:26 - [] D -- C:\Program Files\Foxit Software
O43 - CFD: 2015/06/07 12:31:04 - [] D -- C:\Program Files\FreeTime
O43 - CFD: 2015/04/01 07:54:40 - [] D -- C:\Program Files\GAS Tecnologia
O43 - CFD: 2015/07/12 11:03:08 - [] AD -- C:\Program Files\GbPlugin
O43 - CFD: 2015/06/03 13:48:32 - [] D -- C:\Program Files\GIGABYTE
O43 - CFD: 2015/07/11 16:09:21 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/05/10 08:25:56 - [] D -- C:\Program Files\HD Tune Pro
O43 - CFD: 2014/06/08 10:10:50 - [] D -- C:\Program Files\HP
O43 - CFD: 2014/06/08 10:11:18 - [] D -- C:\Program Files\HP Photo Creations
O43 - CFD: 2015/06/22 14:20:57 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2015/06/13 17:52:21 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/05/08 09:02:14 - [] D -- C:\Program Files\IObit
O43 - CFD: 2015/02/24 11:27:17 - [] D -- C:\Program Files\IP Camera Super Client
O43 - CFD: 2014/10/19 12:37:05 - [] D -- C:\Program Files\Java
O43 - CFD: 2014/05/15 08:37:08 - [] D -- C:\Program Files\Lavalys
O43 - CFD: 2015/04/29 19:12:05 - [] D -- C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 2014/05/13 14:24:14 - [0] D -- C:\Program Files\Microsoft
O43 - CFD: 2015/07/10 16:04:16 - [] D -- C:\Program Files\Microsoft Analysis Services
O43 - CFD: 2011/02/05 15:01:59 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 2015/07/10 16:06:43 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 2015/05/18 07:24:15 - [] D -- C:\Program Files\Microsoft OneDrive
O43 - CFD: 2014/05/14 14:42:03 - [] D -- C:\Program Files\Microsoft SDKs
O43 - CFD: 2015/05/14 07:41:13 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2015/07/10 16:06:41 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 2015/07/10 16:06:41 - [] D -- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 2015/07/10 16:07:14 - [] D -- C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 2015/07/10 16:05:29 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 2014/05/14 14:43:40 - [] D -- C:\Program Files\Microsoft Visual Studio 9.0
O43 - CFD: 2015/07/10 16:06:41 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2015/06/22 11:23:50 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2015/06/03 13:59:20 - [] D -- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2015/07/10 16:08:05 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2014/05/13 18:51:03 - [] D -- C:\Program Files\MSECache
O43 - CFD: 2014/05/14 15:55:15 - [] D -- C:\Program Files\Nero
O43 - CFD: 2014/05/14 15:20:00 - [] D -- C:\Program Files\PCStitch 10
O43 - CFD: 2015/07/04 17:10:55 - [] D -- C:\Program Files\Razer
O43 - CFD: 2014/08/13 13:55:15 - [] D -- C:\Program Files\Real
O43 - CFD: 2014/08/13 13:55:31 - [] D -- C:\Program Files\RealNetworks
O43 - CFD: 2015/06/13 09:58:26 - [] D -- C:\Program Files\Recuva
O43 - CFD: 2009/07/14 01:52:30 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2014/07/19 14:03:12 - [] D -- C:\Program Files\Rivo
O43 - CFD: 2015/06/06 21:10:30 - [] D -- C:\Program Files\RMPrepUSB
O43 - CFD: 2015/06/12 16:32:51 - [] D -- C:\Program Files\Runtime Software
O43 - CFD: 2015/03/30 20:58:03 - [] D -- C:\Program Files\Samsung
O43 - CFD: 2015/02/08 14:42:53 - [] D -- C:\Program Files\Smart Projects
O43 - CFD: 2015/03/10 13:52:38 - [] D -- C:\Program Files\Softinterface, Inc
O43 - CFD: 2014/09/30 12:44:35 - [] D -- C:\Program Files\SRP
O43 - CFD: 2015/06/07 14:22:47 - [] D -- C:\Program Files\TeamViewer
O43 - CFD: 2009/07/14 01:53:23 - [0] D -- C:\Program Files\Uninstall Information
O43 - CFD: 2014/10/13 18:39:14 - [] D -- C:\Program Files\VeryPDF PDF2Word v2.0
O43 - CFD: 2015/06/03 15:44:25 - [] D -- C:\Program Files\VMware
O43 - CFD: 2014/05/13 14:12:33 - [] D -- C:\Program Files\VS Revo Group
O43 - CFD: 2014/05/14 16:22:27 - [] D -- C:\Program Files\Win7codecs
O43 - CFD: 2014/12/15 07:56:33 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2015/05/13 22:44:12 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2014/05/13 13:55:37 - [] D -- C:\Program Files\Windows Live
O43 - CFD: 2011/02/04 14:53:46 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2015/06/13 17:52:18 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2014/05/13 10:16:56 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2011/02/04 14:53:45 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2011/02/04 14:53:45 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2011/02/04 14:53:45 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2015/03/10 14:12:02 - [] D -- C:\Program Files\WinPDFEditor
O43 - CFD: 2014/12/23 07:17:47 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2014/05/13 10:11:36 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2014/05/13 10:11:27 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/05/15 15:49:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 2015/06/13 09:58:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aidfile recovery Professional
O43 - CFD: 2014/05/15 10:39:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
O43 - CFD: 2015/03/16 14:09:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 2014/05/14 15:13:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
O43 - CFD: 2014/05/13 13:24:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2014/10/08 12:42:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7
O43 - CFD: 2014/05/13 13:33:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
O43 - CFD: 2015/02/27 11:40:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Magician
O43 - CFD: 2015/07/11 16:52:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.2.0
O43 - CFD: 2015/01/30 09:44:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
O43 - CFD: 2015/07/11 11:53:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Advanced PDF Editor
O43 - CFD: 2014/05/13 10:11:25 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/06/03 13:48:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
O43 - CFD: 2015/06/14 12:30:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 2015/07/01 11:44:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GV250
O43 - CFD: 2015/05/10 08:25:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
O43 - CFD: 2014/06/08 10:11:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2015/02/08 14:42:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
O43 - CFD: 2014/10/19 12:37:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2014/05/15 08:37:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
O43 - CFD: 2009/07/14 01:42:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/04/29 19:12:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/06/01 12:44:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxtor
O43 - CFD: 2015/07/10 17:11:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/05/13 13:21:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/05/31 11:40:25 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\midicam
O43 - CFD: 2015/05/07 10:02:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 7.1
O43 - CFD: 2014/09/03 14:06:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
O43 - CFD: 2014/05/14 15:59:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition
O43 - CFD: 2014/05/14 15:18:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCStitch 10
O43 - CFD: 2015/07/01 18:47:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Editor 4.5
O43 - CFD: 2014/09/30 12:38:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas SRP
O43 - CFD: 2014/05/14 15:12:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.6
O43 - CFD: 2014/08/13 13:55:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
O43 - CFD: 2015/06/13 09:58:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
O43 - CFD: 2015/06/13 09:57:49 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
O43 - CFD: 2015/03/30 20:58:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 2015/07/10 16:09:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 2014/05/14 16:22:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
O43 - CFD: 2015/06/13 09:58:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informática
O43 - CFD: 2015/07/01 11:44:17 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2011/02/05 15:00:59 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014/10/13 18:39:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeryPDF PDF2Word v2.0
O43 - CFD: 2014/05/13 13:54:02 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 2015/03/10 14:12:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPDFEditor
O43 - CFD: 2014/12/23 07:17:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2014/07/02 10:55:04 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/05/14 15:57:48 - [] D -- C:\ProgramData\Ahead
O43 - CFD: 2015/02/26 17:20:10 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/02/08 18:02:36 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/14 01:53:55 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/07/01 20:16:28 - [] D -- C:\ProgramData\Aspell
O43 - CFD: 2014/05/13 13:00:30 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2015/06/07 12:31:51 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 2015/07/06 16:36:04 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 2014/10/08 13:10:02 - [] D -- C:\ProgramData\Corel
O43 - CFD: 2014/05/13 10:16:56 - [0] SHD -- C:\ProgramData\Dados de aplicativos
O43 - CFD: 2014/05/13 18:30:14 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2009/07/14 01:53:55 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2014/05/13 10:16:56 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 2009/07/14 01:53:55 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2009/07/14 01:53:55 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2014/05/13 10:16:56 - [0] SHD -- C:\ProgramData\Favoritos
O43 - CFD: 2014/10/19 07:36:16 - [] D -- C:\ProgramData\Foxit Advanced PDF Editor
O43 - CFD: 2015/07/11 09:11:28 - [] D -- C:\ProgramData\GAS Tecnologia
O43 - CFD: 2015/07/12 11:40:50 - [] D -- C:\ProgramData\GbPlugin
O43 - CFD: 2015/05/16 11:19:52 - [] D -- C:\ProgramData\GridinSoft
O43 - CFD: 2014/05/13 18:19:35 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2014/06/08 10:10:05 - [] D -- C:\ProgramData\HP
O43 - CFD: 2015/01/09 15:13:15 - [] D -- C:\ProgramData\HP Photo Creations
O43 - CFD: 2015/05/07 09:29:53 - [] D -- C:\ProgramData\IObit
O43 - CFD: 2014/05/13 14:06:57 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/06/01 12:45:07 - [] D -- C:\ProgramData\Maxtor
O43 - CFD: 2014/05/13 10:16:56 - [0] SHD -- C:\ProgramData\Menu Iniciar
O43 - CFD: 2015/07/10 16:06:41 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/07/12 09:18:42 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2015/05/18 07:24:05 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 2014/05/13 10:16:56 - [0] SHD -- C:\ProgramData\Modelos
O43 - CFD: 2014/05/13 13:06:52 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2014/05/14 15:55:16 - [] D -- C:\ProgramData\Nero
O43 - CFD: 2015/01/02 08:28:02 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2014/05/14 15:20:37 - [] D -- C:\ProgramData\PCStitch 10
O43 - CFD: 2015/03/04 10:05:31 - [] D -- C:\ProgramData\PDFEditor
O43 - CFD: 2015/06/13 09:58:37 - [] D -- C:\ProgramData\Protexis
O43 - CFD: 2014/12/13 10:35:39 - [] D -- C:\ProgramData\Razer
O43 - CFD: 2015/06/13 09:56:30 - [] D -- C:\ProgramData\Real
O43 - CFD: 2014/08/13 13:55:26 - [] D -- C:\ProgramData\RealNetworks
O43 - CFD: 2014/07/02 10:55:12 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/03/17 15:46:06 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 2009/07/14 01:53:55 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/05/14 08:11:00 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2009/07/14 01:53:55 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/01/09 15:13:10 - [] D -- C:\ProgramData\Visan
O43 - CFD: 2015/07/12 15:56:44 - [] D -- C:\ProgramData\VMware
O43 - CFD: 2014/05/14 16:23:07 - [] D -- C:\ProgramData\Win7codecs
O43 - CFD: 2015/02/15 09:03:00 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 2014/09/20 10:03:07 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 2014/12/23 07:16:23 - [] D -- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 2014/05/14 15:56:40 - [] D -- C:\Program Files\Common Files\Ahead
O43 - CFD: 2014/08/17 09:10:26 - [] D -- C:\Program Files\Common Files\Autodesk Shared
O43 - CFD: 2014/07/19 14:03:20 - [] D -- C:\Program Files\Common Files\Bcgsoft
O43 - CFD: 2015/01/14 09:38:23 - [] D -- C:\Program Files\Common Files\Corel
O43 - CFD: 2015/07/10 21:21:00 - [] D -- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 2015/06/03 13:47:08 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2015/05/07 09:26:48 - [] D -- C:\Program Files\Common Files\IObit
O43 - CFD: 2014/10/19 12:37:48 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 2015/06/01 13:14:45 - [] D -- C:\Program Files\Common Files\Maxtor
O43 - CFD: 2015/07/10 16:08:16 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2014/10/08 12:42:09 - [] D -- C:\Program Files\Common Files\Protexis
O43 - CFD: 2009/07/13 23:37:05 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2014/05/13 10:16:56 - [0] D -- C:\Program Files\Common Files\Sistema
O43 - CFD: 2009/07/13 23:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2015/07/10 16:21:28 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2015/06/03 15:45:26 - [] D -- C:\Program Files\Common Files\VMware
O43 - CFD: 2014/05/13 13:40:12 - [] D -- C:\Program Files\Common Files\Windows Live
O43 - CFD: 2014/08/13 13:55:10 - [] D -- C:\Program Files\Common Files\xing shared
O43 - CFD: 2015/07/10 16:32:00 - [] D -- C:\Users\euclides\AppData\Roaming\Adobe
O43 - CFD: 2014/08/21 15:27:59 - [] D -- C:\Users\euclides\AppData\Roaming\Adobe Mini Bridge CS5
O43 - CFD: 2014/05/15 10:46:59 - [] D -- C:\Users\euclides\AppData\Roaming\Ahead
O43 - CFD: 2015/05/07 09:27:01 - [] D -- C:\Users\euclides\AppData\Roaming\Apple Computer
O43 - CFD: 2014/07/30 20:06:55 - [] D -- C:\Users\euclides\AppData\Roaming\Auslogics
O43 - CFD: 2014/05/13 13:02:37 - [] D -- C:\Users\euclides\AppData\Roaming\AVAST Software
O43 - CFD: 2014/05/14 15:13:08 - [] D -- C:\Users\euclides\AppData\Roaming\Blender Foundation
O43 - CFD: 2015/03/03 18:15:23 - [] D -- C:\Users\euclides\AppData\Roaming\CAD-KAS
O43 - CFD: 2015/07/09 17:11:32 - [] D -- C:\Users\euclides\AppData\Roaming\CadSoft
O43 - CFD: 2015/03/11 10:19:41 - [] D -- C:\Users\euclides\AppData\Roaming\Corel
O43 - CFD: 2015/01/14 09:32:15 - [] D -- C:\Users\euclides\AppData\Roaming\CorelCAD
O43 - CFD: 2015/01/15 09:27:40 - [] D -- C:\Users\euclides\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/02/27 11:40:48 - [] D -- C:\Users\euclides\AppData\Roaming\Driver Magician
O43 - CFD: 2015/01/20 07:48:30 - [] D -- C:\Users\euclides\AppData\Roaming\Dropbox
O43 - CFD: 2014/12/14 17:08:33 - [] D -- C:\Users\euclides\AppData\Roaming\e-academy Inc
O43 - CFD: 2015/07/01 20:16:29 - [] D -- C:\Users\euclides\AppData\Roaming\Foxit Advanced PDF Editor
O43 - CFD: 2014/10/19 12:09:22 - [] D -- C:\Users\euclides\AppData\Roaming\Foxit Software
O43 - CFD: 2015/05/11 14:46:51 - [] D -- C:\Users\euclides\AppData\Roaming\HD Tune Pro
O43 - CFD: 2014/07/01 12:15:05 - [] D -- C:\Users\euclides\AppData\Roaming\HpUpdate
O43 - CFD: 2014/05/13 10:19:43 - [] D -- C:\Users\euclides\AppData\Roaming\Identities
O43 - CFD: 2015/06/22 14:19:45 - [] D -- C:\Users\euclides\AppData\Roaming\InstallShield
O43 - CFD: 2015/05/07 09:27:15 - [] D -- C:\Users\euclides\AppData\Roaming\IObit
O43 - CFD: 2015/02/24 10:40:38 - [] D -- C:\Users\euclides\AppData\Roaming\IPCamWizard
O43 - CFD: 2014/05/13 13:11:58 - [] D -- C:\Users\euclides\AppData\Roaming\Macromedia
O43 - CFD: 2011/02/05 15:00:59 - [0] D -- C:\Users\euclides\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/07/08 17:40:14 - [] SD -- C:\Users\euclides\AppData\Roaming\Microsoft
O43 - CFD: 2014/05/13 13:07:08 - [] D -- C:\Users\euclides\AppData\Roaming\Mozilla
O43 - CFD: 2015/06/08 18:03:46 - [] D -- C:\Users\euclides\AppData\Roaming\PCStitch 10
O43 - CFD: 2015/02/01 15:04:58 - [] D -- C:\Users\euclides\AppData\Roaming\qet
O43 - CFD: 2014/08/14 15:54:51 - [] D -- C:\Users\euclides\AppData\Roaming\Real
O43 - CFD: 2014/08/13 13:56:15 - [] D -- C:\Users\euclides\AppData\Roaming\RealNetworks
O43 - CFD: 2014/12/16 17:36:28 - [] D -- C:\Users\euclides\AppData\Roaming\Samsung
O43 - CFD: 2015/03/10 11:41:04 - [] D -- C:\Users\euclides\AppData\Roaming\SoftInterface, Inc
O43 - CFD: 2015/07/02 09:04:27 - [] D -- C:\Users\euclides\AppData\Roaming\Software Tool
O43 - CFD: 2014/08/21 15:27:59 - [] D -- C:\Users\euclides\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 2015/06/07 13:49:39 - [] D -- C:\Users\euclides\AppData\Roaming\TeamViewer
O43 - CFD: 2015/07/10 15:27:05 - [] D -- C:\Users\euclides\AppData\Roaming\uTorrent
O43 - CFD: 2014/06/08 10:36:50 - [] D -- C:\Users\euclides\AppData\Roaming\Visan
O43 - CFD: 2015/07/01 10:59:33 - [] D -- C:\Users\euclides\AppData\Roaming\VMware
O43 - CFD: 2014/05/14 16:23:07 - [] D -- C:\Users\euclides\AppData\Roaming\Win7codecs
O43 - CFD: 2015/06/13 12:20:33 - [] D -- C:\Users\euclides\AppData\Roaming\Windows Live Writer
O43 - CFD: 2014/05/13 17:28:37 - [] D -- C:\Users\euclides\AppData\Roaming\WinRAR
O43 - CFD: 2015/03/10 14:14:46 - [] D -- C:\Users\euclides\AppData\Roaming\YCanPDF
O43 - CFD: 2015/07/12 16:31:25 - [] D -- C:\Users\euclides\AppData\Roaming\ZHP
O43 - CFD: 2015/06/14 11:57:36 - [] D -- C:\Users\euclides\AppData\Local\Adobe
O43 - CFD: 2014/09/30 15:07:40 - [] D -- C:\Users\euclides\AppData\Local\Ahead
O43 - CFD: 2015/02/08 18:01:36 - [] D -- C:\Users\euclides\AppData\Local\Apple
O43 - CFD: 2015/02/08 18:06:11 - [] D -- C:\Users\euclides\AppData\Local\Apple Computer
O43 - CFD: 2014/10/19 07:36:14 - [] D -- C:\Users\euclides\AppData\Local\Aspell
O43 - CFD: 2015/01/14 09:32:15 - [] D -- C:\Users\euclides\AppData\Local\Corel Corporation
O43 - CFD: 2014/05/13 10:19:26 - [0] SHD -- C:\Users\euclides\AppData\Local\Dados de aplicativos
O43 - CFD: 2015/03/17 15:44:23 - [] D -- C:\Users\euclides\AppData\Local\Downloaded Installations
O43 - CFD: 2014/12/14 17:08:33 - [] D -- C:\Users\euclides\AppData\Local\e-academy Inc
O43 - CFD: 2015/06/24 09:23:56 - [] D -- C:\Users\euclides\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2014/10/19 07:36:17 - [] D -- C:\Users\euclides\AppData\Local\Foxit Advanced PDF Editor
O43 - CFD: 2015/05/28 13:10:30 - [] D -- C:\Users\euclides\AppData\Local\GAS Tecnologia
O43 - CFD: 2015/07/11 16:08:30 - [] D -- C:\Users\euclides\AppData\Local\Google
O43 - CFD: 2015/06/01 11:52:16 - [] D -- C:\Users\euclides\AppData\Local\GWX
O43 - CFD: 2014/05/13 10:19:26 - [0] SHD -- C:\Users\euclides\AppData\Local\Histórico
O43 - CFD: 2014/06/08 10:14:52 - [] D -- C:\Users\euclides\AppData\Local\HP
O43 - CFD: 2014/05/13 13:11:58 - [] D -- C:\Users\euclides\AppData\Local\Macromedia
O43 - CFD: 2015/07/09 11:46:19 - [] D -- C:\Users\euclides\AppData\Local\Microsoft
O43 - CFD: 2014/05/31 23:11:11 - [] D -- C:\Users\euclides\AppData\Local\Microsoft Games
O43 - CFD: 2014/05/13 18:32:18 - [0] D -- C:\Users\euclides\AppData\Local\Microsoft Help
O43 - CFD: 2014/05/13 13:07:09 - [] D -- C:\Users\euclides\AppData\Local\Mozilla
O43 - CFD: 2014/05/13 13:33:25 - [] D -- C:\Users\euclides\AppData\Local\Programs
O43 - CFD: 2014/12/13 11:22:19 - [] D -- C:\Users\euclides\AppData\Local\Razer_Inc
O43 - CFD: 2014/09/03 13:33:15 - [] D -- C:\Users\euclides\AppData\Local\Samsung
O43 - CFD: 2014/06/13 17:39:53 - [] D -- C:\Users\euclides\AppData\Local\Sports Interactive
O43 - CFD: 2015/07/12 16:31:09 - [] D -- C:\Users\euclides\AppData\Local\Temp
O43 - CFD: 2014/05/13 10:19:26 - [0] SHD -- C:\Users\euclides\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/03/30 12:36:10 - [] D -- C:\Users\euclides\AppData\Local\VirtualStore
O43 - CFD: 2015/07/01 10:59:33 - [] D -- C:\Users\euclides\AppData\Local\VMware
O43 - CFD: 2015/07/09 11:47:39 - [] D -- C:\Users\euclides\AppData\Local\Windows Live
O43 - CFD: 2015/03/11 14:11:24 - [] D -- C:\Users\euclides\AppData\Local\Windows Live Writer
O43 - CFD: 2009/07/14 01:42:04 - [] RD -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/03/12 08:53:24 - [] RD -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/05/14 15:13:14 - [] D -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender Foundation
O43 - CFD: 2015/05/28 17:53:10 - [] D -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
O43 - CFD: 2015/06/07 12:31:26 - [] D -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 2014/05/14 09:35:49 - [0] D -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GV250
O43 - CFD: 2009/07/14 01:37:42 - [] RD -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/05/13 14:12:36 - [] D -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 2014/07/19 14:03:12 - [] D -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rivo
O43 - CFD: 2015/06/06 21:10:30 - [] D -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RMPrepUSB
O43 - CFD: 2015/04/12 09:37:35 - [0] RD -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/12/23 07:17:44 - [] D -- C:\Users\euclides\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53) (19) - 1s
O53 - SMSR:HKLM\...\startupreg\command . (.Samsung - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Creative Cloud [Key] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O53 - SMSR:HKLM\...\startupreg\AdobeCS5ServiceManager [Key] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O53 - SMSR:HKLM\...\startupreg\AlcoholAutomount [Key] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O53 - SMSR:HKLM\...\startupreg\Diebold - Warsaw [Key] . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Program Files\Diebold\Warsaw\core.exe
O53 - SMSR:HKLM\...\startupreg\HP Deskjet 3510 series (NET) [Key] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O53 - SMSR:HKLM\...\startupreg\KiesPreload [Key] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O53 - SMSR:HKLM\...\startupreg\KiesTrayAgent [Key] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\SwitchBoard [Key] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O53 - SMSR:HKLM\...\startupreg\vmware-tray.exe [Key] . (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe

---\\ Lista dos drivers do sistema (SDL) (O58) (109) - 8s
O58 - SDL:2009/07/13 22:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976]
O58 - SDL:2009/07/13 22:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552]
O58 - SDL:2009/07/13 22:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512]
O58 - SDL:2006/12/04 16:25:20 A . (.GeoVision Inc. - Audio card driver.) -- C:\Windows\System32\drivers\AGV.sys [189112]
O58 - SDL:2003/07/03 01:02:02 A . (.GeoVision Inc. - Audio card driver.) -- C:\Windows\System32\drivers\AGV250.sys [85678]
O58 - SDL:2009/07/13 22:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400]
O58 - SDL:2011/03/11 02:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256]
O58 - SDL:2009/07/13 22:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312]
O58 - SDL:2011/03/11 02:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400]
O58 - SDL:2009/07/13 22:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368]
O58 - SDL:2009/07/13 22:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608]
O58 - SDL:2015/06/13 10:13:51 A . (...) -- C:\Windows\System32\drivers\aswHwid.sys [24144]
O58 - SDL:2015/06/13 10:13:51 A . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [74976]
O58 - SDL:2015/06/13 10:13:51 A . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [81728]
O58 - SDL:2015/06/13 10:13:51 A . (...) -- C:\Windows\System32\drivers\aswRvrt.sys [49904]
O58 - SDL:2015/06/13 10:13:15 A . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [787760]
O58 - SDL:2015/06/26 13:41:38 A . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\drivers\aswsp.sys [428120]
O58 - SDL:2015/06/13 10:13:52 A . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [106912]
O58 - SDL:2015/06/13 10:13:51 A . (...) -- C:\Windows\System32\drivers\aswVmm.sys [209048]
O58 - SDL:2009/08/18 03:48:06 A . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [4994560]
O58 - SDL:2009/07/13 19:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888]
O58 - SDL:2009/07/13 19:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568]
O58 - SDL:2009/07/13 19:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248]
O58 - SDL:2009/07/13 21:57:25 A . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128]
O58 - SDL:2009/07/13 19:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336]
O58 - SDL:2009/07/13 19:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:2009/07/13 19:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904]
O58 - SDL:2009/07/13 19:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080]
O58 - SDL:2009/07/13 22:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952]
O58 - SDL:2009/07/13 22:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720]
O58 - SDL:2014/05/13 13:32:12 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [243128]
O58 - SDL:2009/07/13 19:02:50 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\E1G60I32.sys [118784]
O58 - SDL:2009/07/13 22:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712]
O58 - SDL:2009/07/13 19:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160]
O58 - SDL:2014/09/02 08:31:02 A . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\drivers\gbpkm.sys [46552]
O58 - SDL:2014/06/04 10:47:24 A . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\drivers\gbpndisrdn.sys [29400]
O58 - SDL:2007/03/29 05:36:42 A . (.GeoVision Inc. - Capture card driver..) -- C:\Windows\System32\drivers\GV250.sys [63560]
O58 - SDL:2004/10/14 18:16:22 A . (.GeoVision Inc. - Real-time display driver.) -- C:\Windows\System32\drivers\GVDSP.sys [21920]
O58 - SDL:2004/10/28 15:26:26 A . (.GeoVision Inc. - Real-time display 8 port driver.) -- C:\Windows\System32\drivers\GVDSP8P.sys [21952]
O58 - SDL:2006/12/04 16:25:16 A . (.GeoVision Inc. - MPEG2 Encoder Card.) -- C:\Windows\System32\drivers\gvmp2.sys [300712]
O58 - SDL:2005/01/14 06:16:32 RA . (.GeoVision Inc. - GvTect.sys.) -- C:\Windows\System32\drivers\GvTect.sys [20712]
O58 - SDL:2007/12/14 03:30:24 RA . (.GeoVision - GVUSBD.sys.) -- C:\Windows\System32\drivers\GVUSBD.sys [39360]
O58 - SDL:2013/10/09 08:04:10 A . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\drivers\hcmon.sys [43192]
O58 - SDL:2009/07/13 19:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624]
O58 - SDL:2009/07/13 22:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152]
O58 - SDL:2011/03/11 02:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160]
O58 - SDL:2009/07/13 22:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040]
O58 - SDL:2009/07/13 22:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824]
O58 - SDL:2009/07/13 22:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168]
O58 - SDL:2009/07/13 22:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864]
O58 - SDL:2009/07/13 22:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848]
O58 - SDL:2015/04/14 09:37:42 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256]
O58 - SDL:2015/04/14 09:37:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [92888]
O58 - SDL:2015/07/12 16:04:37 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512]
O58 - SDL:2009/07/13 22:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800]
O58 - SDL:2009/07/13 22:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584]
O58 - SDL:2015/04/14 09:37:54 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928]
O58 - SDL:2010/04/07 12:16:16 A . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr61.sys [376160]
O58 - SDL:2009/07/13 22:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624]
O58 - SDL:2011/03/11 02:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120]
O58 - SDL:2011/03/11 02:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744]
O58 - SDL:2009/07/13 22:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488]
O58 - SDL:2009/07/13 22:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064]
O58 - SDL:2009/07/13 19:02:52 A . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys [139776]
O58 - SDL:2009/07/13 19:02:52 A . (.Realtek Semiconductor Corporation - Realtek 10/100 NDIS 5.1 Driver.) -- C:\Windows\System32\drivers\Rtnicxp.sys [43008]
O58 - SDL:2009/07/13 17:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480]
O58 - SDL:2004/10/20 04:03:12 RA . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\Windows\System32\drivers\ser2pl.sys [110976]
O58 - SDL:2009/07/13 20:45:33 A . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\serial.sys [83456]
O58 - SDL:2009/07/13 22:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016]
O58 - SDL:2009/07/13 22:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888]
O58 - SDL:2014/05/14 08:51:25 A . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\drivers\sptd.sys [320120]
O58 - SDL:2014/10/13 02:57:48 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [89856]
O58 - SDL:2014/10/13 02:57:48 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [184192]
O58 - SDL:2009/07/13 22:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072]
O58 - SDL:2014/08/15 21:35:00 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056]
O58 - SDL:2009/07/13 22:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976]
O58 - SDL:2013/10/08 18:20:50 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\drivers\vmci.sys [71888]
O58 - SDL:2013/10/18 12:44:58 A . (.VMware, Inc. - VMware virtual network driver (32-bit).) -- C:\Windows\System32\drivers\vmnet.sys [20048]
O58 - SDL:2013/10/18 12:44:58 A . (.VMware, Inc. - VMware virtual network adapter driver (32-b.) -- C:\Windows\System32\drivers\vmnetadapter.sys [17104]
O58 - SDL:2013/10/18 12:44:58 A . (.VMware, Inc. - VMware bridge driver (32-bit).) -- C:\Windows\System32\drivers\vmnetbridge.sys [37456]
O58 - SDL:2013/10/18 12:46:18 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\Windows\System32\drivers\vmnetuserif.sys [26192]
O58 - SDL:2013/10/18 12:45:46 A . (.VMware, Inc. - VMware parallel port driver.) -- C:\Windows\System32\drivers\vmparport.sys [24272]
O58 - SDL:2013/10/09 08:03:42 A . (.VMware, Inc. - VMware USB driver.) -- C:\Windows\System32\drivers\vmusb.sys [31928]
O58 - SDL:2013/10/18 12:46:16 A . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\drivers\vmx86.sys [65488]
O58 - SDL:2009/07/13 22:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904]
O58 - SDL:2013/10/08 18:20:56 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\Windows\System32\drivers\vsock.sys [63824]
O58 - SDL:2009/07/13 19:13:47 A . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\Windows\System32\drivers\VSTBS23.SYS [266752]
O58 - SDL:2009/07/13 19:13:45 A . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\System32\drivers\VSTCNXT3.SYS [661504]
O58 - SDL:2009/07/13 19:13:46 A . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\System32\drivers\VSTDPV3.SYS [980992]
O58 - SDL:2013/02/22 03:28:26 A . (.VMware, Inc. - VMware Virtual Storage Volume Driver.) -- C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632]
O58 - SDL:2009/07/13 19:02:53 A . (.Marvell - Driver de Miniporta para o Marvell Yukon Et.) -- C:\Windows\System32\drivers\yk62x86.sys [311296]
O58 - SDL:2009/07/13 18:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 18:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/13 18:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 18:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 18:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 18:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 18:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 18:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 18:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 18:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 18:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 18:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 18:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 18:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 18:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:2012/01/18 15:55:56 N . (...) -- C:\Windows\System32\pwdrvio.sys [16472]
O58 - SDL:2012/01/18 15:55:54 N . (...) -- C:\Windows\System32\pwdspio.sys [11104]
O58 - SDL:2015/02/13 15:47:22 A . (.Basil's Projects - WinDivert network packet capture and (re)in.) -- C:\Windows\System32\WinDivert32.sys [30936]

---\\ Últimos ficheiros alterados ou criados (Utilizador) (061) (2) - 65s
O61 - LFC: 2015/07/11 11:54:01 A . (..) -- C:\Users\euclides\AppData\Local\Microsoft\Windows\1046\StructuredQuerySchema.bin [320755]
O61 - LFC: 2015/07/11 17:15:24 A . (..) -- C:\Users\euclides\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [153582]

---\\ Associações Shell Spawning (O67) (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

---\\ Menu de inicialização Internet (068) (8) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069) (5) - 5s
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83) (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\IKEEXT.DLL [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\audiosrv.dll [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\Windows\System32\Sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2020864]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de pla.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\System32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\KMSVC.DLL [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [149504]

---\\ Lista das exceções do FireWall (FirewallRules) (O87) (57) - 3s
O87 - FAEL: "{3A77600D-76C3-4BA9-AA82-2F52A6ADDD75}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\euclides\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{9958288B-5FB0-42BE-AF3E-D1A50FEB3991}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\euclides\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{7A981702-8A3F-4CD6-9786-24DD44597DF8}C:\program files\java\jre7\bin\java.exe" [In-None-P6-TRUE] .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{718BEDA8-60D0-4107-B75F-C4B0D85B2723}C:\program files\java\jre7\bin\java.exe" [In-None-P17-TRUE] .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "{AEC43D25-6F7A-4D5F-AA2D-8A43565C90A5}" [In-None-P6-TRUE] .(.Corel Corporation - CorelDRAW X7.) -- c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe
O87 - FAEL: "{049ADE2A-21A6-4106-BF44-E8DE1809622F}" [In-None-P6-TRUE] .(.Corel Corporation - Corel PHOTO-PAINT X7.) -- c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe
O87 - FAEL: "{DB8A74D8-3B9A-4A06-9EFB-6C9B9F9645BD}" [In-None-P6-TRUE] .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "{15738088-A7E7-4EA7-BDA0-CA5543C905BE}" [In-None-P17-TRUE] .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "TCP Query User{C3251144-6161-4745-A154-C6594339DA94}C:\program files\ajt\deviceclient\deviceclient.exe" [In-None-P6-TRUE] .(.object - DeviceClient.) -- C:\program files\ajt\deviceclient\deviceclient.exe
O87 - FAEL: "UDP Query User{C49529A8-BED3-4125-95F8-63D7D757B7E8}C:\program files\ajt\deviceclient\deviceclient.exe" [In-None-P17-TRUE] .(.object - DeviceClient.) -- C:\program files\ajt\deviceclient\deviceclient.exe
O87 - FAEL: "{134CBE56-30AA-46FD-AF1E-2CDD3E21F36D}" [In-None-P17-TRUE] .(.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Program Files\Diebold\Warsaw\core.exe
O87 - FAEL: "{7DA9AFB0-386F-42B3-A8B2-62EF182E88FD}" [In-None-P6-TRUE] .(.AVAST Software - avast! NG front end.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
O87 - FAEL: "{E0968CDD-E66F-46BC-BE9B-D5CE7229BA8C}" [In-None-P17-TRUE] .(.AVAST Software - avast! NG front end.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
O87 - FAEL: "{9943C22D-EC99-4DBD-933B-65C03E266B07}" [In-None-P6-TRUE] .(. - Multicam Surveillance System (Ptu).) -- C:\GV250\GV250.exe
O87 - FAEL: "{6A73E4AD-A2DA-4918-BEA0-A375A7A98BC7}" [In-None-P17-TRUE] .(. - Multicam Surveillance System (Ptu).) -- C:\GV250\GV250.exe
O87 - FAEL: "{4BFC7760-9ABF-4603-BCB9-4C9B97B7B31B}" [In-None-P6-TRUE] .(. - Multicast Application (Ptu).) -- C:\GV250\DMMcast.exe
O87 - FAEL: "{295C9605-C7D6-43C1-BD9E-AC47B8D70A90}" [In-None-P17-TRUE] .(. - Multicast Application (Ptu).) -- C:\GV250\DMMcast.exe
O87 - FAEL: "{E8578F67-04C8-4B98-93F6-50AB77D7BC5D}" [In-None-P6-TRUE] .(. - TcpSvr Application.) -- C:\GV250\TCPsvr.exe
O87 - FAEL: "{F88F7624-7607-4196-AA95-4997C05D3D88}" [In-None-P17-TRUE] .(. - TcpSvr Application.) -- C:\GV250\TCPsvr.exe
O87 - FAEL: "{AC86B8DD-1752-4BE6-B68E-8C0488F9D290}" [In-None-P6-TRUE] .(.Copyright (C) 2002-2006 - HTTP Server.) -- C:\GV250\WebCamServer.exe
O87 - FAEL: "{09496FC6-6AAE-488C-A67A-2352B6557D9A}" [In-None-P17-TRUE] .(.Copyright (C) 2002-2006 - HTTP Server.) -- C:\GV250\WebCamServer.exe
O87 - FAEL: "{9AF1795E-867F-4E88-BACB-94A32A22B89C}" [In-None-P6-TRUE] .(.Copyright (C) 2003 - AudioServer.) -- C:\GV250\AudioServer.exe
O87 - FAEL: "{A6D66535-2FD3-45E5-A41F-CE69E43E7075}" [In-None-P17-TRUE] .(.Copyright (C) 2003 - AudioServer.) -- C:\GV250\AudioServer.exe
O87 - FAEL: "{3A184570-45CF-486F-A811-D67D0616C964}" [In-None-P6-TRUE] .(. - WebCam.) -- C:\GV250\DMWebCam.exe
O87 - FAEL: "{1CA7A0D9-8947-4364-9B21-998B20E8066A}" [In-None-P17-TRUE] .(. - WebCam.) -- C:\GV250\DMWebCam.exe
O87 - FAEL: "{5BD2830A-A394-4B32-851D-F40E6F4F20E4}" [In-None-P6-TRUE] .(.Copyright (C) 2006 - 2008. All rights reserved. - Control Center Server (Ptu).) -- C:\GV250\CMSvr.exe
O87 - FAEL: "{497267B5-4DAF-431A-8C4C-3E033F91BB68}" [In-None-P17-TRUE] .(.Copyright (C) 2006 - 2008. All rights reserved. - Control Center Server (Ptu).) -- C:\GV250\CMSvr.exe
O87 - FAEL: "{3FEF5AF0-EEF9-4BC4-B069-F982DC8815B2}" [In-None-P6-TRUE] .(.Copyright (C) 2007. All rights reserved. - ViewLog Server.) -- C:\GV250\VLSvr.exe
O87 - FAEL: "{DDF46F8E-B907-4BFF-980D-5731FEC47670}" [In-None-P17-TRUE] .(.Copyright (C) 2007. All rights reserved. - ViewLog Server.) -- C:\GV250\VLSvr.exe
O87 - FAEL: "{07E4A8A6-F8E4-45F5-A0B8-F091BE947067}" [In-None-P17-TRUE] .(.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O87 - FAEL: "{F455D983-8D17-4742-BFD6-3092E9589A47}" [In-None-P17-TRUE] .(.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O87 - FAEL: "{3FF61AC7-3340-41C4-8E27-6C0DC6BA6E12}" [In-None-P17-TRUE] .(...) -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
O87 - FAEL: "{0B63591F-5DDD-4DCA-B459-8B5DA30346AC}" [In-None-P17-TRUE] .(...) -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
O87 - FAEL: "{97A7B7DF-FE61-45CB-AC82-C9EA53E71D4D}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer.exe
O87 - FAEL: "{575BA166-381C-4347-9805-8E3F81A6CF41}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer.exe
O87 - FAEL: "{0F8FFF7D-E29A-44F2-A582-D7F03EA03321}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{B490A029-499F-4C21-A066-8775A14505F0}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{400B36F6-20C2-40BA-9CEF-573F42B318AD}" [In-None-P6-TRUE] .(.AVAST Software - avast! NG front end.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
O87 - FAEL: "{5E569B08-ADD1-45E0-941A-9202E2933AAE}" [In-None-P17-TRUE] .(.AVAST Software - avast! NG front end.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
O87 - FAEL: "{6464CC37-2F1A-433E-BE96-B40E35D76F83}" [In-None-P6-TRUE] .(.search tool - IPCamera(H series tools).) -- C:\Users\euclides\Downloads\Manual e software do usuário em português\Manual do usuário em português\Pesquisa ferramenta\HMSearch_en.exe
O87 - FAEL: "{FFC68689-3A71-423E-BF04-922A1CB9734E}" [In-None-P17-TRUE] .(.search tool - IPCamera(H series tools).) -- C:\Users\euclides\Downloads\Manual e software do usuário em português\Manual do usuário em português\Pesquisa ferramenta\HMSearch_en.exe
O87 - FAEL: "{E4C45DA2-83F2-4408-98AD-38F82D3D6BF7}" [In-None-P6-TRUE] .(. - Multicam Surveillance System (Ptu).) -- C:\GV250\GV250.exe
O87 - FAEL: "{A2F9DA15-2823-4C93-AC54-F470F082A35D}" [In-None-P17-TRUE] .(. - Multicam Surveillance System (Ptu).) -- C:\GV250\GV250.exe
O87 - FAEL: "{4C8BFA57-FA82-456F-AAFA-ADF540CFA01E}" [In-None-P6-TRUE] .(. - Multicast Application (Ptu).) -- C:\GV250\DMMcast.exe
O87 - FAEL: "{D0A132F8-93F1-44A1-A1C9-F9F71E7A6631}" [In-None-P17-TRUE] .(. - Multicast Application (Ptu).) -- C:\GV250\DMMcast.exe
O87 - FAEL: "{B058BC40-2DC5-4865-BF59-7D269111CC94}" [In-None-P6-TRUE] .(. - TcpSvr Application.) -- C:\GV250\TCPsvr.exe
O87 - FAEL: "{56836278-F4A2-4F6D-87A4-1D253B7D1E01}" [In-None-P17-TRUE] .(. - TcpSvr Application.) -- C:\GV250\TCPsvr.exe
O87 - FAEL: "{B5772D46-AD04-4FD9-97F2-493EE94B2465}" [In-None-P6-TRUE] .(.Copyright (C) 2002-2006 - HTTP Server.) -- C:\GV250\WebCamServer.exe
O87 - FAEL: "{18E83DA2-0380-464F-B6DF-5B423BDAECC3}" [In-None-P17-TRUE] .(.Copyright (C) 2002-2006 - HTTP Server.) -- C:\GV250\WebCamServer.exe
O87 - FAEL: "{5C7EE7E7-A787-4214-A773-2575663976FD}" [In-None-P6-TRUE] .(.Copyright (C) 2003 - AudioServer.) -- C:\GV250\AudioServer.exe
O87 - FAEL: "{239A9A80-4402-4F92-AC1C-0A0168092813}" [In-None-P17-TRUE] .(.Copyright (C) 2003 - AudioServer.) -- C:\GV250\AudioServer.exe
O87 - FAEL: "{D144F12D-23A9-4FD0-98A6-91DF41D4263B}" [In-None-P6-TRUE] .(. - WebCam.) -- C:\GV250\DMWebCam.exe
O87 - FAEL: "{5059A482-C543-43ED-BD59-FDEFA55F0456}" [In-None-P17-TRUE] .(. - WebCam.) -- C:\GV250\DMWebCam.exe
O87 - FAEL: "{27232C13-B51D-4962-A202-E8662A67E06E}" [In-None-P6-TRUE] .(.Copyright (C) 2006 - 2008. All rights reserved. - Control Center Server (Ptu).) -- C:\GV250\CMSvr.exe
O87 - FAEL: "{7BAA2128-9453-4EE0-9EF9-60B20839FCBC}" [In-None-P17-TRUE] .(.Copyright (C) 2006 - 2008. All rights reserved. - Control Center Server (Ptu).) -- C:\GV250\CMSvr.exe
O87 - FAEL: "{CB8481CF-88FD-4236-9113-E239D2E2F6BE}" [In-None-P6-TRUE] .(.Copyright (C) 2007. All rights reserved. - ViewLog Server.) -- C:\GV250\VLSvr.exe
O87 - FAEL: "{4D2F7555-B763-4C66-82B5-05E13A43D912}" [In-None-P17-TRUE] .(.Copyright (C) 2007. All rights reserved. - ViewLog Server.) -- C:\GV250\VLSvr.exe

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados) (26) - 18s
SR - Auto [2015/06/12 09:25:00] [ 82112] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - Demand [2015/07/09 12:46:18] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - Auto [2009/08/18 02:36:08] [ 176128] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - Auto [2015/06/13 10:13:25] [ 343336] Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - Demand [2015/06/13 10:13:02] [ 3207800] AvastVBox COM Service (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
SS - Auto [2012/01/05 12:42:34] [ 75624] Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) . (.Alcohol Soft Development Team.) - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
SR - Auto [2011/08/30 22:05:02] [ 390504] Serviço do Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - Auto [2015/01/20 20:54:34] [ 565560] Gbp Service (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe
SR - Auto [2015/04/14 09:36:28] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - Auto [2015/04/14 09:36:30] [ 1080120] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SS - Demand [2015/06/03 13:47:24] [ 148080] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - Demand [2007/04/13 21:09:56] [ 792112] NBService (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - Demand [2007/05/16 09:27:28] [ 271920] NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SR - Auto [2013/09/13 12:24:54] [ 277360] Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - Auto [2013/08/14 15:19:22] [ 39056] RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SS - Auto [2014/10/19 23:59:10] [ 367616] Razer Wizard Service (RzWizardService) . (.Razer Inc..) - C:\Program Files\Razer\RzWizard\RzWizardService.exe
SR - Auto [2014/10/13 02:57:46] [ 743688] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
SR - Auto [2009/12/23 18:34:20] [ 370688] StarWind AE Service (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
SS - Demand [2010/02/19 13:37:14] [ 517096] (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SR - Auto [2015/06/01 08:12:22] [ 5495056] TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe
SR - Auto [2013/10/18 11:52:30] [ 86096] VMware Authorization Service (VMAuthdService) . (.VMware, Inc..) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
SR - Auto [2013/10/18 12:45:46] [ 358480] VMware DHCP Service (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\System32\vmnetdhcp.exe
SR - Auto [2013/10/09 08:03:54] [ 721464] VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
SR - Auto [2013/10/18 12:45:50] [ 437328] VMware NAT Service (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\System32\vmnat.exe
SS - Auto [2013/10/18 12:10:34] [14405200] VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
SR - Auto [2015/02/13 15:47:22] [ 507704] Warsaw Technology (Warsaw Technology) . (.GAS Tecnologia LTDA.) - C:\Program Files\Diebold\Warsaw\core.exe

---\\ Scâner Aditional (088) (1) - 0s
~ Nenhum ítem malicioso foi encontrado.

---\\ Sumário das deteções encontradas na sua estação (1) - 0s
~ Nenhum ítem malicioso foi encontrado.

~ End of the scan, 53080 items in 162 seconds (1018)(0)()

Publicité

Soutenons La Quadrature du Net ! Soutenons La Quadrature du Net !

Signaler le contenu de ce document

Publicité

Soutenons La Quadrature du Net !